Questions tagged [spring-vault]

Spring Vault provides familiar Spring abstractions and client-side support for accessing, storing and revoking secrets from HashiCorp Vault.

Spring Vault provides familiar Spring abstractions and client-side support for accessing, storing and revoking secrets. It offers both low-level and high-level abstractions for interacting with Vault, freeing the user from infrastructural concerns.

With HashiCorp’s Vault you have a central place to manage external secret data for applications across all environments. Vault can manage static and dynamic secrets such as application data, username/password for remote applications/resources and provide credentials for external services such as MySQL, PostgreSQL, Apache Cassandra, Consul, AWS and more.

Features

Spring configuration support using Java based @Configuration classes.
VaultTemplate and ReactiveVaultTemplate helper classes that increase productivity performing common Vault operations.
Exporting Vault secrets as PropertySource through @VaultPropertySource.
Support multiple authentication methods.
Rotation of secrets for databases and messaging services.
Feature Rich Object Mapping integrated with Spring Data Repositories.
Annotation based mapping metadata but extensible to support other metadata formats.

Online Resources:

125 questions

votes

1 answer

Is it possible to use HashiCorp Vault with redundancy in a Spring Boot application?

I set up a vault cluster with two vault servers. One server is active and other one is in standby mode at a time as an expected behaivour. I can access each of them from my spring boot application with configuration in bootstrap.properties as shown…

asked Dec 15 '19 at 09:02

H.Ç.T

3,335
1
18
37

votes

1 answer

How to implement Hashicorp's Vault with Spring Boot

We have enabled spring profiling for Dev, QA, Prod instances and these are running on AWS EC2. We have different property files like: application-dev.propertiesapplication-qa.propertiesapplication-prod.properties And we have configured our…

java spring-boot hashicorp-vault spring-cloud-vault-config spring-vault

asked Sep 19 '19 at 13:56

gbhati

votes

1 answer

Properties are not read from Vault on Integrating Vault with Spring Cloud Config Server

I am trying use Spring boot config server with git and vault and all my spring boot client application will retrieve the vault properties via the config server by passing the vault config token. I am using the spring boot 2.1.8.RELEASE and below is…

spring spring-boot hashicorp-vault spring-cloud-vault-config spring-vault

asked Sep 08 '19 at 06:30

Krushna

5,059
5
32
49

votes

1 answer

Kubernetes auth does not work when using non default auth path

I am using spring vault to access Vault from Spring boot app running in Kubernetes. Version org.springframework.vault spring-vault-core 2.1.3.RELEASE …

spring-vault

asked Aug 23 '19 at 14:00

cppcoder

22,227
6
56
81

votes

1 answer

How to retrieve vault properties to configure MongoDB properties in application.yml?

I want to retrieve some secret (DB username/password) from the vault and configure MongoDB using spring.data.mongodb. I have vault integration done in my spring-boot-starter-data-mongodb application. Hardcoded values are working fine, tried to get…

spring-boot spring-data spring-vault

asked Jul 29 '19 at 07:58

Vistanza

votes

2 answers

Spring Cloud Vault use local env variable when not in production for API Key

I am using Spring Cloud Vault to store an API Key in production. From reading the spring.io blog it appears I can use @Value("${apiKey}") String apiKey; to access that key in vault. This is fine when in production, but is there a way that I can…

spring spring-boot hashicorp-vault spring-cloud-vault-config spring-vault

asked Mar 11 '19 at 12:01

Sophia Price

votes

1 answer

Vault Spring client keeps its connectivity to vault

I have a spring-boot application that uses vault to keep its secrets. The connection to vault is by a dedicated class with the @VaultPropertySource annotation. The connectivity configuration is in bootstrap.yaml file. I need the connection only on…

java spring-boot hashicorp-vault spring-vault

asked Mar 03 '19 at 10:31

Frank Why

votes

1 answer

Hashicorp Vault encrypt data

Can Hashicorp Vault encrypt data? I'm using the Vault as the key(s) storage for now, but does vault able to encrypt data for the application? Scenario: My client is a java application, accessing Vault through Vault's Java spring API. Will java be…

java spring hashicorp-vault spring-vault

asked Feb 25 '19 at 16:00

RonPringadi

1,294
1
19
44

votes

0 answers

Cannot enable vault userpass authentication using spring

I'm trying to enable vault's userpass authentication mode using Spring's rest template but getting 403 - Forbidden but the same request created in Postman works. I tried with both PUT and POST, with X-Vault-Token(value is the the root token) in…

spring-boot hashicorp-vault spring-cloud-vault-config spring-vault

asked Apr 11 '18 at 11:48

Keshav Bohra

votes

2 answers

UserPass Authentication Vault

I have been trying to use the authentication method from Hashicorp Vault (from here) in my application to get configurations. But not able to get any information regarding this authentication type in Spring's docs, examples, etc. Can you please help…

spring-boot hashicorp-vault spring-vault spring-cloud-vault-config

asked Apr 04 '18 at 12:48

Keshav Bohra

votes

1 answer

Does Spring-Vault Library support Feign Client or is there any way to route the calls through feign

The idea is to make spring-vault use feign client (to take advantage of hystrix's fault tolerance capabilities). Does spring-vault support feign client? or is there a work around if not supported out of the box Or is there away to route…

spring spring-cloud-feign spring-vault

asked Mar 09 '18 at 05:46

Vinesh Roshan

votes

1 answer

Expired Login token refresh (LifecycleAwareSessionManager)

We are seeing a situation where after the login token renewal fails because of a Connect Timeout exception (see below for more details), every subsequent call to Vault is returning a 403 possibly because the expired token is being passed to Vault. I…

spring-vault

asked Feb 21 '18 at 20:20

user1168577

1,863
11
14

votes

1 answer

Spring Vault AWS STS Assume Role support

We are currently using Vault to generate temporary security credentials for AWS using STS. This is done by using the aws/sts backend within vault. To use this backend we need to POST (write) to this vault path, which will immediately generate a…

java spring spring-boot spring-vault

asked Feb 01 '18 at 10:11

Darrell

votes

1 answer

Can spring boot be configured to have a fall back when vault is down?

I'll be deploying my application to aws but the vault instance is not configured there yet so I was wondering if there is a way to use a properties files instead if vault is not up. The app doesn't start successfully when Vault is not started.

spring-cloud spring-cloud-vault-config spring-vault

asked Jan 10 '18 at 12:25

osmingo

votes

1 answer

Setting X-Vault-Wrap-TTL header with spring-vault

We are writing an application that creates short lived secrets using the "response wrapping" feature of Vault. Vault API uses a header to set the TTL to a non-default value. Is there a way to set the X-Vault-Wrap-TTL header using spring-vault?

http-headers hashicorp-vault spring-vault

asked Sep 18 '17 at 19:42

ixe013

9,559
3
46
77

Prev 1 2 3

…

9 Next